1. Field of the Invention
The invention relates to computer system security and communication systems. The invention relates also to a trusted platform module. Particularly, the invention relates to a method for the secure execution of partitioned program code in a communication system.
2. Description of the Related Art
Computer system security is an increasingly important issue today. Along with an expanding gamut of security threats to computer systems such as the infiltration of malicious software components into target systems, it has become important to guard the systems against attacks. As seemingly innocuous data communications may introduce subtle malicious changes to applications in a computer system, it would be a boon to be able to rest assured that a critical application has not been manipulated and remains as it was when purchased or installed. Especially, when monetary transactions and binding contracts are made, it is important for avoiding identity thefts and for rigorous non-repudiation to be able to ensure that an authentication application functions correctly.
Consequently, mobile devices and computing devices are being provided with trusted environments, that is, secure program execution environments. The trusted environments are used to run applications which handle device specific or imported secrets. The applications executed in the trusted range from authentication, electronic commerce to implement digital rights management and copy protection. Trusted environments may be provided in the form of removable modules, that is, plug-in-units or smart cards, which comprise a processor and a memory of their own. However, the memory available in such modules is often limited. As the size of applications tends to grow over time, applications to be executed in a trusted environment may become too large to be executed as a single piece in the secure environment.
It would be beneficial to be able to have a solution which enables applications of significantly larger than the memory in the trusted environment to be executed by the trusted environment without unduly compromising the trust originally provided by the trusted environment.